import libxcrypt-4.1.1-4.el8

This commit is contained in:
CentOS Sources 2019-05-07 09:38:20 -04:00 committed by Andrew Lukoshko
commit 6113b63613
5 changed files with 648 additions and 0 deletions

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
SOURCES/libxcrypt-4.1.1.tar.gz

1
.libxcrypt.metadata Normal file
View File

@ -0,0 +1 @@
12f53bf48f4c08a5b650537e1e236495d39e5a81 SOURCES/libxcrypt-4.1.1.tar.gz

View File

@ -0,0 +1,67 @@
commit cc1806e214b89403152c2c53932d8d0b8aeb1e91
Author: Björn Esser <besser82@fedoraproject.org>
Date: Sat Aug 4 13:02:03 2018 +0200
Add alias man-pages for other crypt functions.
diff --git a/Makefile.am b/Makefile.am
index 201dea53313e7054..1ea36121d085b55d 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -15,7 +15,8 @@ EXTRA_DIST = \
gen-map.awk gen-vers.awk gen-crypt-h.awk \
gen-hashes.awk sel-hashes.awk hashes.lst
-notrans_dist_man3_MANS = crypt_rn.3 crypt_gensalt.3
+notrans_dist_man3_MANS = crypt.3 crypt_r.3 crypt_ra.3 \
+ crypt_rn.3 crypt_gensalt.3
notrans_dist_man5_MANS = crypt.5
nodist_include_HEADERS = crypt.h
diff --git a/crypt.3 b/crypt.3
new file mode 100644
index 0000000000000000..430e48f320d6e8af
--- /dev/null
+++ b/crypt.3
@@ -0,0 +1 @@
+.so man3/crypt_rn.3
diff --git a/crypt.5 b/crypt.5
index 5db9c923cbd66e55..7fe46091f192b114 100644
--- a/crypt.5
+++ b/crypt.5
@@ -279,6 +279,8 @@ that will work on an old operating system that supports nothing else.
.hash "$3$" "\e$3\e$\e$[0-9a-f]{32}" unlimited 8 256 256 0 1
.SH SEE ALSO
.BR crypt (3),
+.BR crypt_r (3),
+.BR crypt_ra (3),
.BR crypt_rn (3),
.BR crypt_gensalt (3),
.BR getpwent (3),
diff --git a/crypt_gensalt.3 b/crypt_gensalt.3
index ebfff28db79a3c53..31097400e5cd2080 100644
--- a/crypt_gensalt.3
+++ b/crypt_gensalt.3
@@ -223,6 +223,8 @@ T} Thread safety MT-Safe
.SH SEE ALSO
.ad l
.BR crypt (3),
+.BR crypt_r (3),
+.BR crypt_ra (3),
.BR crypt_rn (3),
.BR getpass (3),
.BR getpwent (3),
diff --git a/crypt_r.3 b/crypt_r.3
new file mode 100644
index 0000000000000000..430e48f320d6e8af
--- /dev/null
+++ b/crypt_r.3
@@ -0,0 +1 @@
+.so man3/crypt_rn.3
diff --git a/crypt_ra.3 b/crypt_ra.3
new file mode 100644
index 0000000000000000..430e48f320d6e8af
--- /dev/null
+++ b/crypt_ra.3
@@ -0,0 +1 @@
+.so man3/crypt_rn.3

View File

@ -0,0 +1,320 @@
commit 8596e298f761c32cecff45424f5242cd14269292
Author: Zack Weinberg <zackw@panix.com>
Date: Tue Aug 7 21:35:12 2018 -0400
Add configure option --disable-failure-tokens.
When this option is given, crypt and crypt_r will return NULL on
failure, instead of a special "failure token" string that isn't the
hash of any passphrase. This was the historical behavior of glibc,
FreeBSD libc, and several other implementations.
diff --git a/configure.ac b/configure.ac
index a22a5926bd82f729..23651f9c5c886107 100644
--- a/configure.ac
+++ b/configure.ac
@@ -152,6 +152,25 @@ AC_CHECK_FUNCS_ONCE([
])
# Configure options.
+AC_ARG_ENABLE([failure-tokens],
+ AS_HELP_STRING(
+ [--disable-failure-tokens],
+ [Make crypt and crypt_r return NULL on failure, instead of a
+ special "failure token" string that isn't the hash of any
+ passphrase. This matches the behavior of several other
+ crypt implementations, but will break programs that assume these
+ functions never return NULL. crypt_rn and crypt_ra are not affected
+ by this option, and will always return NULL on failure.]
+ ),
+ [case "$enableval" in
+ yes) enable_failure_tokens=1;;
+ no) enable_failure_tokens=0;;
+ *) AC_MSG_ERROR([bad value ${enableval} for --enable-failure-tokens]);;
+ esac],
+ [enable_failure_tokens=1])
+AC_DEFINE_UNQUOTED([ENABLE_FAILURE_TOKENS], [$enable_failure_tokens],
+ [Define to 1 if crypt and crypt_r should return a "failure token" on
+ failure, or 0 if they should return NULL.])
AC_ARG_ENABLE([obsolete-api],
AS_HELP_STRING(
diff --git a/crypt.c b/crypt.c
index 9a3e19214e613097..839763afad14eaa9 100644
--- a/crypt.c
+++ b/crypt.c
@@ -235,7 +235,11 @@ crypt_r (const char *phrase, const char *setting, struct crypt_data *data)
{
make_failure_token (setting, data->output, sizeof data->output);
do_crypt (phrase, setting, data);
+#if ENABLE_FAILURE_TOKENS
return data->output;
+#else
+ return data->output[0] == '*' ? 0 : data->output;
+#endif
}
SYMVER_crypt_r;
#endif
diff --git a/crypt_rn.3 b/crypt_rn.3
index 24da44cfce19716b..d021c4ed4a046e04 100644
--- a/crypt_rn.3
+++ b/crypt_rn.3
@@ -204,17 +204,31 @@ multiple threads simultaneously, as long as a separate
object is used for each thread.
.PP
Upon error,
-.B crypt
-and
-.B crypt_r
-return a pointer to an
+.BR crypt_r ", " crypt_rn ", and " crypt_ra
+write an
.I invalid
-hashed passphrase.
+hashed passphrase to the
+.I output
+field of their
+.I crypt_data
+object, and
+.B crypt
+writes an invalid hash to its static storage area.
This string will be shorter than 13 characters,
will begin with a \(oq\fB*\fR\(cq,
and will not compare equal to
.IR setting .
-(This peculiar behavior is for compatibility
+.PP
+Upon error,
+.BR crypt_rn " and " crypt_ra
+return a null pointer.
+.BR crypt_r " and " crypt
+may also return a null pointer,
+or they may return a pointer to the invalid hash,
+depending on how
+.I libcrypt
+was configured.
+(The option to return the invalid hash is for compatibility
with old applications that assume that
.B crypt
cannot return a null pointer.
@@ -222,15 +236,6 @@ See
.B "PORTABILITY NOTES"
below.)
.PP
-.B crypt_rn
-and
-.B crypt_ra
-also write an invalid hashed passphrase to the
-.I output
-field of their
-.I crypt_data
-object when they fail, but they return a null pointer.
-.PP
All four functions set
.I errno
when they fail.
diff --git a/test-badsalt.c b/test-badsalt.c
index b2743373628b1f3f..3d2e47ac0e7647bd 100644
--- a/test-badsalt.c
+++ b/test-badsalt.c
@@ -222,12 +222,28 @@ check_crypt (const char *label, const char *fn,
const char *retval, const char *setting,
bool expected_to_succeed)
{
- /* crypt/crypt_r should never return null */
+#if ENABLE_FAILURE_TOKENS
+ /* crypt/crypt_r never return null when failure tokens are enabled */
if (!retval)
{
printf ("FAIL: %s/%s/%s: returned NULL\n", label, setting, fn);
return false;
}
+#else
+ if (expected_to_succeed && !retval)
+ {
+ printf ("FAIL: %s/%s/%s: returned NULL\n", label, setting, fn);
+ return false;
+ }
+ else if (!expected_to_succeed && retval)
+ {
+ printf ("FAIL: %s/%s/%s: returned %p, should be NULL\n",
+ label, setting, fn, (const void *)retval);
+ return false;
+ }
+ else if (!expected_to_succeed && !retval)
+ return true;
+#endif
if (!check_results (label, fn, retval, setting,
expected_to_succeed))
return false;
diff --git a/test-crypt-badargs.c b/test-crypt-badargs.c
index 0e6af1626a605086..6be24a99ca7f9015 100644
--- a/test-crypt-badargs.c
+++ b/test-crypt-badargs.c
@@ -169,6 +169,14 @@ test_crypt_ra (const char *tag,
check (tag, expect, got);
}
+#if ENABLE_FAILURE_TOKENS
+# define FT0 "*0"
+# define FT1 "*1"
+#else
+# define FT0 0
+# define FT1 0
+#endif
+
/* PAGE should point to PAGESIZE bytes of read-write memory followed
by another PAGESIZE bytes of inaccessible memory. */
@@ -187,55 +195,55 @@ do_tests(char *page, size_t pagesize)
size_t i;
/* When SETTING is null, it shouldn't matter what PHRASE is. */
- expect_no_fault ("0.0.crypt", 0, 0, "*0", test_crypt);
- expect_no_fault ("0.0.crypt_r", 0, 0, "*0", test_crypt_r);
+ expect_no_fault ("0.0.crypt", 0, 0, FT0, test_crypt);
+ expect_no_fault ("0.0.crypt_r", 0, 0, FT0, test_crypt_r);
expect_no_fault ("0.0.crypt_rn", 0, 0, 0, test_crypt_rn);
expect_no_fault ("0.0.crypt_ra", 0, 0, 0, test_crypt_ra);
- expect_no_fault ("''.0.crypt", "", 0, "*0", test_crypt);
- expect_no_fault ("''.0.crypt_r", "", 0, "*0", test_crypt_r);
+ expect_no_fault ("''.0.crypt", "", 0, FT0, test_crypt);
+ expect_no_fault ("''.0.crypt_r", "", 0, FT0, test_crypt_r);
expect_no_fault ("''.0.crypt_rn", "", 0, 0, test_crypt_rn);
expect_no_fault ("''.0.crypt_ra", "", 0, 0, test_crypt_ra);
- expect_no_fault ("ph.0.crypt", phrase, 0, "*0", test_crypt);
- expect_no_fault ("ph.0.crypt_r", phrase, 0, "*0", test_crypt_r);
+ expect_no_fault ("ph.0.crypt", phrase, 0, FT0, test_crypt);
+ expect_no_fault ("ph.0.crypt_r", phrase, 0, FT0, test_crypt_r);
expect_no_fault ("ph.0.crypt_rn", phrase, 0, 0, test_crypt_rn);
expect_no_fault ("ph.0.crypt_ra", phrase, 0, 0, test_crypt_ra);
- expect_no_fault ("p1.0.crypt", p1, 0, "*0", test_crypt);
- expect_no_fault ("p1.0.crypt_r", p1, 0, "*0", test_crypt_r);
+ expect_no_fault ("p1.0.crypt", p1, 0, FT0, test_crypt);
+ expect_no_fault ("p1.0.crypt_r", p1, 0, FT0, test_crypt_r);
expect_no_fault ("p1.0.crypt_rn", p1, 0, 0, test_crypt_rn);
expect_no_fault ("p1.0.crypt_ra", p1, 0, 0, test_crypt_ra);
- expect_no_fault ("p2.0.crypt", p2, 0, "*0", test_crypt);
- expect_no_fault ("p2.0.crypt_r", p2, 0, "*0", test_crypt_r);
+ expect_no_fault ("p2.0.crypt", p2, 0, FT0, test_crypt);
+ expect_no_fault ("p2.0.crypt_r", p2, 0, FT0, test_crypt_r);
expect_no_fault ("p2.0.crypt_rn", p2, 0, 0, test_crypt_rn);
expect_no_fault ("p2.0.crypt_ra", p2, 0, 0, test_crypt_ra);
/* Conversely, when PHRASE is null,
it shouldn't matter what SETTING is... */
- expect_no_fault ("0.''.crypt", 0, "", "*0", test_crypt);
- expect_no_fault ("0.''.crypt_r", 0, "", "*0", test_crypt_r);
+ expect_no_fault ("0.''.crypt", 0, "", FT0, test_crypt);
+ expect_no_fault ("0.''.crypt_r", 0, "", FT0, test_crypt_r);
expect_no_fault ("0.''.crypt_rn", 0, "", 0, test_crypt_rn);
expect_no_fault ("0.''.crypt_ra", 0, "", 0, test_crypt_ra);
- expect_no_fault ("0.'*'.crypt", 0, "*", "*0", test_crypt);
- expect_no_fault ("0.'*'.crypt_r", 0, "*", "*0", test_crypt_r);
+ expect_no_fault ("0.'*'.crypt", 0, "*", FT0, test_crypt);
+ expect_no_fault ("0.'*'.crypt_r", 0, "*", FT0, test_crypt_r);
expect_no_fault ("0.'*'.crypt_rn", 0, "*", 0, test_crypt_rn);
expect_no_fault ("0.'*'.crypt_ra", 0, "*", 0, test_crypt_ra);
- expect_no_fault ("0.'*0'.crypt", 0, "*0", "*1", test_crypt);
- expect_no_fault ("0.'*0'.crypt_r", 0, "*0", "*1", test_crypt_r);
+ expect_no_fault ("0.'*0'.crypt", 0, "*0", FT1, test_crypt);
+ expect_no_fault ("0.'*0'.crypt_r", 0, "*0", FT1, test_crypt_r);
expect_no_fault ("0.'*0'.crypt_rn", 0, "*0", 0, test_crypt_rn);
expect_no_fault ("0.'*0'.crypt_ra", 0, "*0", 0, test_crypt_ra);
- expect_no_fault ("0.'*1'.crypt", 0, "*1", "*0", test_crypt);
- expect_no_fault ("0.'*1'.crypt_r", 0, "*1", "*0", test_crypt_r);
+ expect_no_fault ("0.'*1'.crypt", 0, "*1", FT0, test_crypt);
+ expect_no_fault ("0.'*1'.crypt_r", 0, "*1", FT0, test_crypt_r);
expect_no_fault ("0.'*1'.crypt_rn", 0, "*1", 0, test_crypt_rn);
expect_no_fault ("0.'*1'.crypt_ra", 0, "*1", 0, test_crypt_ra);
- expect_no_fault ("0.p1.crypt", 0, p1, "*0", test_crypt);
- expect_no_fault ("0.p1.crypt_r", 0, p1, "*0", test_crypt_r);
+ expect_no_fault ("0.p1.crypt", 0, p1, FT0, test_crypt);
+ expect_no_fault ("0.p1.crypt_r", 0, p1, FT0, test_crypt_r);
expect_no_fault ("0.p1.crypt_rn", 0, p1, 0, test_crypt_rn);
expect_no_fault ("0.p1.crypt_ra", 0, p1, 0, test_crypt_ra);
@@ -245,8 +253,8 @@ do_tests(char *page, size_t pagesize)
bug, but it's impractical to fix without breaking the property
that 'crypt' _never_ creates a failure token that is equal to the
setting string, which is more important than this corner case. */
- expect_a_fault ("0.p2.crypt", 0, p2, "*0", test_crypt);
- expect_a_fault ("0.p2.crypt_r", 0, p2, "*0", test_crypt_r);
+ expect_a_fault ("0.p2.crypt", 0, p2, FT0, test_crypt);
+ expect_a_fault ("0.p2.crypt_r", 0, p2, FT0, test_crypt_r);
expect_a_fault ("0.p2.crypt_rn", 0, p2, 0, test_crypt_rn);
expect_a_fault ("0.p2.crypt_ra", 0, p2, 0, test_crypt_ra);
@@ -257,9 +265,9 @@ do_tests(char *page, size_t pagesize)
strcpy (page, "p1.'");
strcat (page, settings[i]);
strcat (page, "'.crypt");
- expect_a_fault (page, p1, settings[i], "*0", test_crypt);
+ expect_a_fault (page, p1, settings[i], FT0, test_crypt);
strcat (page, "_r");
- expect_a_fault (page, p1, settings[i], "*0", test_crypt_r);
+ expect_a_fault (page, p1, settings[i], FT0, test_crypt_r);
strcat (page, "n");
expect_a_fault (page, p1, settings[i], 0, test_crypt_rn);
page [strlen (page) - 1] = 'a';
@@ -268,9 +276,9 @@ do_tests(char *page, size_t pagesize)
strcpy (page, "p2.'");
strcat (page, settings[i]);
strcat (page, "'.crypt");
- expect_a_fault (page, p2, settings[i], "*0", test_crypt);
+ expect_a_fault (page, p2, settings[i], FT0, test_crypt);
strcat (page, "_r");
- expect_a_fault (page, p2, settings[i], "*0", test_crypt_r);
+ expect_a_fault (page, p2, settings[i], FT0, test_crypt_r);
strcat (page, "n");
expect_a_fault (page, p2, settings[i], 0, test_crypt_rn);
page [strlen (page) - 1] = 'a';
@@ -279,8 +287,8 @@ do_tests(char *page, size_t pagesize)
/* Conversely, when PHRASE is valid, passing an invalid string as SETTING
should crash reliably. */
- expect_a_fault ("ph.p2.crypt", phrase, p2, "*0", test_crypt);
- expect_a_fault ("ph.p2.crypt_r", phrase, p2, "*0", test_crypt_r);
+ expect_a_fault ("ph.p2.crypt", phrase, p2, FT0, test_crypt);
+ expect_a_fault ("ph.p2.crypt_r", phrase, p2, FT0, test_crypt_r);
expect_a_fault ("ph.p2.crypt_rn", phrase, p2, 0, test_crypt_rn);
expect_a_fault ("ph.p2.crypt_ra", phrase, p2, 0, test_crypt_ra);
@@ -292,9 +300,9 @@ do_tests(char *page, size_t pagesize)
strcpy (page, "ph.'");
strcat (page, settings[i]);
strcat (page, ".crypt");
- expect_a_fault (page, phrase, p1, "*0", test_crypt);
+ expect_a_fault (page, phrase, p1, FT0, test_crypt);
strcat (page, "_r");
- expect_a_fault (page, phrase, p1, "*0", test_crypt_r);
+ expect_a_fault (page, phrase, p1, FT0, test_crypt_r);
strcat (page, "n");
expect_a_fault (page, phrase, p1, 0, test_crypt_rn);
page [strlen (page) - 1] = 'a';
diff --git a/test-crypt-bcrypt.c b/test-crypt-bcrypt.c
index c984e4d47d8df2c6..bf149b405bd408c7 100644
--- a/test-crypt-bcrypt.c
+++ b/test-crypt-bcrypt.c
@@ -194,8 +194,12 @@ main (void)
errno = 0;
p = crypt (key, setting);
errnm = errno;
+#if ENABLE_FAILURE_TOKENS
match = strcmp (p, hash);
- if ((!ok && !errno) || strcmp (p, hash))
+#else
+ match = (ok ? strcmp (p, hash) : p != 0);
+#endif
+ if ((!ok && !errno) || match)
{
printf ("FAIL: %d/crypt.1: key=%s setting=%s: xhash=%s xerr=%d, "
"p=%s match=%d err=%s\n",

259
SPECS/libxcrypt.spec Normal file
View File

@ -0,0 +1,259 @@
# Shared object version of libcrypt.
%global soc 1
%global sol 1
%global sof 0
%global sov %{soc}.%{sol}.%{sof}
# Add generation of HMAC checksums of the final stripped
# binaries. %%define with lazy globbing is used here
# intentionally, because using %%global does not work.
%define __spec_install_post \
%{?__debug_package:%{__debug_install_post}} \
%{__arch_install_post} \
%{__os_install_post} \
%{_bindir}/fipshmac %{buildroot}/%{_lib}/libcrypt.so.%{sov} \
%{__ln_s} .libcrypt.so.%{sov}.hmac \\\
%{buildroot}/%{_lib}/.libcrypt.so.%{soc}.hmac \
%{nil}
Name: libxcrypt
Version: 4.1.1
Release: 4%{?dist}
Summary: Extended crypt library for DES, MD5, Blowfish and others
# For explicit license breakdown, see the
# LICENSING file in the source tarball.
License: LGPLv2+ and BSD and Public Domain
URL: https://github.com/besser82/%{name}
Source0: %{url}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
Patch1: libxcrypt-rh1612157.patch
Patch2: libxcrypt-rh1613537.patch
BuildRequires: fipscheck
BuildRequires: libtool
Requires: glibc%{_isa} >= 2.26.9000-46
# We do not need to keep this forever.
%if 0%{?fedora} && 0%{?fedora} <= 31
# Inherited from former libcrypt package.
Obsoletes: libcrypt-nss <= 2.26.9000-33
# Obsolete former libcrypt properly.
Obsoletes: libcrypt <= 2.26.9000-46
# Provide virtual libcrypt as it has been done
# by former libcrypt{,-nss} packages from glibc.
Provides: libcrypt == 2.26.9000-46.1
Provides: libcrypt%{?_isa} == 2.26.9000-46.1
%endif
%description
libxcrypt is a modern library for one-way hashing of passwords. It
supports DES, MD5, SHA-2-256, SHA-2-512, and bcrypt-based password
hashes, and provides the traditional Unix 'crypt' and 'crypt_r'
interfaces, as well as a set of extended interfaces pioneered by
Openwall Linux, 'crypt_rn', 'crypt_ra', 'crypt_gensalt',
'crypt_gensalt_rn', and 'crypt_gensalt_ra'.
libxcrypt is intended to be used by login(1), passwd(1), and other
similar programs; that is, to hash a small number of passwords during
an interactive authentication dialogue with a human. It is not
suitable for use in bulk password-cracking applications, or in any
other situation where speed is more important than careful handling of
sensitive data. However, it *is* intended to be fast and lightweight
enough for use in servers that must field thousands of login attempts
per minute.
On Linux-based systems, by default libxcrypt will be binary backward
compatible with the libcrypt.so.1 shipped as part of the GNU C Library.
This means that all existing binary executables linked against glibc's
libcrypt should work unmodified with this library's libcrypt.so.1. We
have taken pains to provide exactly the same "symbol versions" as were
used by glibc on various CPU architectures, and to account for the
variety of ways in which the Openwall extensions were patched into
glibc's libcrypt by some Linux distributions. (For instance,
compatibility symlinks for SuSE's "libowcrypt" are provided.)
However, the converse is not true: programs linked against libxcrypt
will not work with glibc's libcrypt. Also, programs that use certain
legacy APIs supplied by glibc's libcrypt ('encrypt', 'encrypt_r',
'setkey', 'setkey_r', and 'fcrypt') cannot be compiled against libxcrypt.
%package devel
Summary: Development files for %{name}
Requires: %{name}%{?_isa} == %{version}-%{release}
Requires: glibc-devel%{?_isa} >= 2.26.9000-46
Requires: glibc-headers%{?_isa} >= 2.26.9000-46
Conflicts: man-pages < 4.15-3
%description devel
The %{name}-devel package contains libraries and header files for
developing applications that use %{name}.
%package static
Summary: Static library for -static linking with %{name}
Requires: %{name}-devel%{?_isa} == %{version}-%{release}
Requires: glibc-static%{?_isa} >= 2.26.9000-46
%description static
This package contains the libxcrypt static libraries for -static
linking. You don't need this, unless you link statically, which
is highly discouraged.
%prep
%autosetup -p 1
%{_bindir}/autoreconf -fiv
%build
%configure \
--libdir=/%{_lib} \
--disable-silent-rules \
--enable-shared \
--enable-static \
--disable-failure-tokens \
--enable-hashes=all \
--enable-obsolete-api=glibc \
--with-pkgconfigdir=%{_libdir}/pkgconfig
%make_build
%install
%make_install
# Get rid of libtool crap.
%{_bindir}/find %{buildroot} -name '*.la' -print -delete
# Install documentation to shared %%_pkgdocdir.
%{__install} -Dpm 0644 -t %{buildroot}%{_pkgdocdir} \
ChangeLog NEWS README THANKS TODO
%check
%make_build check || \
{
rc=$?;
echo "-----BEGIN TESTLOG-----";
%{__cat} test-suite.log;
echo "-----END TESTLOG-----";
exit $rc;
}
%ldconfig_scriptlets
%files
%license AUTHORS COPYING.LIB LICENSING
%doc %dir %{_pkgdocdir}
%doc %{_pkgdocdir}/NEWS
%doc %{_pkgdocdir}/README
%doc %{_pkgdocdir}/THANKS
/%{_lib}/.libcrypt.so.%{soc}.hmac
/%{_lib}/.libcrypt.so.%{sov}.hmac
/%{_lib}/libcrypt.so.%{soc}
/%{_lib}/libcrypt.so.%{sov}
%{_mandir}/man5/crypt.5.*
%files devel
%doc %{_pkgdocdir}/ChangeLog
%doc %{_pkgdocdir}/TODO
/%{_lib}/libcrypt.so
%{_includedir}/crypt.h
%{_libdir}/pkgconfig/libcrypt.pc
%{_libdir}/pkgconfig/%{name}.pc
%{_mandir}/man3/crypt.3.*
%{_mandir}/man3/crypt_r.3.*
%{_mandir}/man3/crypt_ra.3.*
%{_mandir}/man3/crypt_rn.3.*
%{_mandir}/man3/crypt_gensalt.3.*
%files static
/%{_lib}/libcrypt.a
%changelog
* Wed Aug 8 2018 Florian Weimer <fweimer@redhat.com> - 4.1.1-4
- Move development panpages to libxcrypt-devel (#1613824)
* Wed Aug 8 2018 Florian Weimer <fweimer@redhat.com> - 4.1.1-3
- Change crypt, crypt_r to return NULL on failure (#1613537)
* Wed Aug 8 2018 Florian Weimer <fweimer@redhat.com> - 4.1.1-2
- Add manpages aliases for crypt, crypt_r, crypt_ra (#1612157)
* Wed Aug 01 2018 Björn Esser <besser82@fedoraproject.org> - 4.1.1-1
- New upstream release
* Fri Jul 13 2018 Björn Esser <besser82@fedoraproject.org> - 4.1.0-1
- New upstream release
* Fri Jul 13 2018 Björn Esser <besser82@fedoraproject.org> - 4.0.1-6
- Make testsuite fail on error again
- Update patch0 with more upstream fixes
* Fri Jul 13 2018 Björn Esser <besser82@fedoraproject.org> - 4.0.1-5
- Add patch to update to recent development branch
- Re-enable SUNMD5 support as it is BSD licensed now
- Build compatibility symbols for glibc only
- Skip failing testsuite once
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 4.0.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Fri Jun 29 2018 Florian Weimer <fweimer@redhat.com> - 4.0.1-3
- Remove CDDL from license list (#1592445)
* Fri Jun 29 2018 Florian Weimer <fweimer@redhat.com> - 4.0.1-2
- Remove SUNMD5 support (#1592445)
* Wed May 16 2018 Björn Esser <besser82@fedoraproject.org> - 4.0.1-1
- New upstream release
* Sat Feb 17 2018 Björn Esser <besser82@fedoraproject.org> - 4.0.0-5
- Switch to %%ldconfig_scriptlets
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 4.0.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Thu Feb 01 2018 Björn Esser <besser82@fedoraproject.org> - 4.0.0-3
- Add patch to fix unintialize value in badsalt test
* Wed Jan 31 2018 Björn Esser <besser82@fedoraproject.org> - 4.0.0-2
- Add patch to fix bcrypt test with GCC8
* Sat Jan 27 2018 Björn Esser <besser82@fedoraproject.org> - 4.0.0-1
- New upstream release
* Mon Jan 22 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 4.0.0-0.204.20180120git3436e7b
- Fix Obsoletes
* Sat Jan 20 2018 Björn Esser <besser82@fedoraproject.org> - 4.0.0-0.203.20180120git3436e7b
- Update to new snapshot fixing cast-align
* Sat Jan 20 2018 Björn Esser <besser82@fedoraproject.org> - 4.0.0-0.202.20180120gitde99d27
- Update to new snapshot (rhbz#1536752)
* Sat Jan 20 2018 Björn Esser <besser82@fedoraproject.org> - 4.0.0-0.201.20171109git15447aa
- Use archful Obsoletes for libcrypt
- Add versioned Requires on glibc packages not shipping libcrypt
- Add comments about the packaging logic for replacing former libcrypt
* Fri Jan 12 2018 Björn Esser <besser82@fedoraproject.org> - 4.0.0-0.200.20171109git15447aa
- Initial import (rhbz#1532794)
- Add Obsoletes/Provides for libcrypt
* Wed Jan 10 2018 Björn Esser <besser82@fedoraproject.org> - 4.0.0-0.101.20171109git15447aa
- Fix style of %%git_{rel,ver}
* Tue Jan 09 2018 Björn Esser <besser82@fedoraproject.org> - 4.0.0-0.100.git20171109.15447aa
- Initial rpm release (rhbz#1532794)
- Start revision at 0.100 to superseed builds from COPR